Return-Path: Received: by massis.lcs.mit.edu (8.7.4/NSCS-1.0S) id DAA15632; Mon, 10 Feb 1997 03:01:12 -0500 (EST) Date: Mon, 10 Feb 1997 03:01:12 -0500 (EST) From: ptownson@massis.lcs.mit.edu (TELECOM Digest Editor) Message-Id: <199702100801.DAA15632@massis.lcs.mit.edu> To: ptownson@massis.lcs.mit.edu Subject: TELECOM Digest V17 #36 TELECOM Digest Mon, 10 Feb 97 02:54:00 EST Volume 17 : Issue 36 Inside This Issue: Editor: Patrick A. Townson FCC to Allow per Minute Charges on Internet Users? (Jack Decker) United States Cellular Answers Me (Stanley Cline) Really Strange Problem (Clifton Sharp, Jr.) Re: Florida PSC Selects Three-Way NPA Split (John Cropper) Kevin Mitnick Update (Dave Harrison) TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of public service systems and networks including Compuserve and America On Line. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. Subscriptions are available to qualified organizations and individual readers. Write and tell us how you qualify: * ptownson@massis.lcs.mit.edu * The Digest is edited, published and compilation-copyrighted by Patrick Townson of Skokie, Illinois USA. You can reach us by postal mail, fax or phone at: Post Office Box 4621 Skokie, IL USA 60076 Phone: 847-329-0571 Fax: 847-329-0572 ** Article submission address: ptownson@massis.lcs.mit.edu Our archives are located at hyperarchive.lcs.mit.edu. The URL is: http://hyperarchive.lcs.mit.edu/telecom-archives They can also be accessed using anonymous ftp: ftp hyperarchive.lcs.mit.edu/telecom-archives/archives (or use our mirror site: ftp ftp.epix.net/pub/telecom-archives) A third method is the Telecom Email Information Service: Send a note to tel-archives@massis.lcs.mit.edu to receive a help file for using this method or write me and ask for a copy of the help file for the Telecom Archives. ************************************************************************* * TELECOM Digest is partially funded by a grant from the * * International Telecommunication Union (ITU) in Geneva, Switzerland * * under the aegis of its Telecom Information Exchange Services (TIES) * * project. Views expressed herein should not be construed as represent-* * ing views of the ITU. * ************************************************************************* Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of twenty dollars per year per reader is considered appropriate. See our address above. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. ---------------------------------------------------------------------- Date: Sun, 09 Feb 1997 18:02:58 -0500 From: Jack Decker Subject: FCC to Allow per Minute Charges on Internet Users? Another message on this topic from the VON (Voice on the Net) mailing list: Message-Id: <199702092207.RAA17745@enterprise.pulver.com> Date: Sun, 9 Feb 1997 15:53:42 -0500 From: John Collins To: "jeff@pulver.com" cc: VON Mailing List Subject: [VON]: (#1) FCC to allow per minute charges on internet users? Sender: owner-von@Pulver.COM Precedence: bulk Hi Jeff, I've received several notices this weekend about the FCC's pending approval of telco's per minute charging for internet access. The reports all had a "Good Times Virus" air about them, so I've ruffled some feathers by demanding verification. This report is below - you'll see what I mean ... Through my own research, I finally dug up enough "proof" to begin to believe the reports. Because of your past experience with the ACTA petition, work with the FCC, etc., I figured you're the most qualified person I know that I can seek an opinion from. Is there anything for us to worry about? Should I influence my circle of contacts to contact the FCC? If so, what are the guidelines you'd give for doing this? I'm taking the liberty of forwarding you several additional emails. Thanks for your time, and any comments you may have. God bless you, John Collins << start of forwarded material >> Date: Sun, 9 Feb 1997 13:46:57 -0500 From: atomclow@pepper.ncinter.net (Tom Clow) Subject: Alerting Gods Saints On January 28, 1997, a conglomerate of local phone companies made a filing with the FCC for permission to impose per minute charges on internet users. The phone companies want to cash in on the millions of internet users. A copy of the actual filing is listed below and can be found on the FCC's home page at http://www.fcc.gov/filings.html Protests (or your concerns) can be e-mailed to isp@fcc.gov In the Matter of Access Charge Reform (96-262)/Price Cap Performance Review for Local Exchange Carriers (CC Docket No. 94-1)/Transport Rate Structure and Pricing (CC Docket No.91-213)/Usage of the Public Switched Network by Information Service and Internet Access Providers (CC Docket No. 96-263). Comments - Ad Hoc, ACC Long Distance Corporation, Alabama Public Service Commission, Alaska Telephone Association, Aliant Communications Company, Alliance for Public Technology, Alltel, America Online, Inc., American Association of Retired Persons, American Library Association, American Petroleum Institute, America's Carriers Telecommunication Association, Ameritech, AT&T, Bankers Clearinghouse, Bell Atlantic and NYNEX, BellSouth Corporation & BellSouth Telecommunications, Inc., Cable and Wireless, Cable and Wireless , California, Cathey Hutton and Associates, Centennial Cellular Corporation, Cincinnati Bell Telephone, Citizens Utilities Company, Comments of Independent Telephone & Telecommunications, Commercial Internet Exchange Association, Commonwealth of the Northern Mariana Islands, Communications Workers of America, Competition Policy Institute, Competitive Telecommunications Association, Compuserve, Inc., Consumer Project on Technology (CPT), CSE Foundation, Errata by Bell Atlantic and Nynex, Excel Telecommunications, Inc., Florida Public Service Commission, Frederick and Warinner, L.L.C., Frontier Corporation, General Communications Inc., Group of State Consumer Advocate, GSA, GTE, GVNW, Historically Black Colleges and Universities, ICG Telecom Group, Inc., Independent Telephone & Telecommunications Alliance, Illuminet, Information Industry Association, International Communications Association, Internet Access Coalition, ISA, ITCs, IXC Long Distance, Inc., John Steaurulakis, Inc., Joint Comments - American Association for Adult and Continuing Education, et al, Kansas Corporation Commission, LCI International Telecom Corporation, Lyman C. Welch, MCI, Media Access Project, Microsoft Corporation, Minnesota Independent Coalition, National Cable Television Association, National Association of Regulatory Utility Commissioners, National Exchange Carrier Association, New York State Department of Public Service, Northern Arkansas Telephone Company, Ohio Consumer's Counsel's, Ozarks Technical Community College, Pacific Telesis Group, Pennsylvania Internet Service Providers, Personal Communications Industry Association, Public Utility Commission of Texas, Public Utility Commission of Oregon, Public Service Commission of the District of Columbia, Public Utilities Commission of Ohio, Puerto Rico Telephone Company, Roseville Telephone Company, Rural Telephone Finance Cooperative, Rural Telephone Coalition, Rural Utilities Service, SDN Users Association, Inc., Small Western LECs, Evans Telephone Company, Sonetech, South Dakota Public Utilities Commission, Southern New England Telephone Company, Southwestern Bell Telephone Company, Spectranet International, Inc., Sprint Corporation, TCA, Inc., TDS, Telco Communication Group Inc., Tele-Communications Inc., Teleport Communications Group, Inc., Tele-Communications, Inc., Teleport Communications Group, Inc., Texas Office of Public Utility Counsel's, Time Warner Communications Holdings, Inc., TRA, US West, Inc., USTA, Washington Independent Telephone Association, Western Alliance, Winstar Communications, Inc., Worldcom, Inc., Airtouch. << end of forwarded material >> Pastor John Collins wcs@smart.net Grace Hour Christian Radio -- (Almost) Live on the Internet! http://www.ggwo.org/ ------------------------------ From: roamer1@RemoveThis.pobox.com (Stanley Cline) Subject: United States Cellular Answers Me Date: Sun, 09 Feb 1997 22:37:51 GMT Organization: Catoosa Computing Services Reply-To: roamer1@RemoveThis.pobox.com Earlier this week I finally received a response to the voluminous, numerous complaints I've made to and about United States Cellular about the persistent roaming problems discussed here before -- lack of coverage and excessive overlap into other systems, overcharges, etc. -- and it turns out that USCC doesn't appear to be at fault as much as I thought. In fact, my current (soon to be ex-) cellular carrier -- BellSouth Mobility -- has been providing somewhat confusing and misleading information for the past year or so. Here's a summary of what USCC has stated, and my comments: * No coverage in Polk County (Ocoee, Copper Basin), TN -- USCC is *NOT* "licensed" in that area, as BellSouth has stated previously. In fact, USCC's Construction Permit for Polk County expired in late 1995; therefore, the FCC now considers the area "unserved" and (apparently) the territory could be licensed to *any* carrier. BellSouth stated -- INCORRECTLY -- several times between February and October 1996 that *USCC* was responsible for the area, when in fact *BellSouth* could have it IF THEY WANTED IT. Of course, BS claimed they COULDN'T provide service in Ocoee, when they COULD! Currently, there is still no B-side service in that area; BellSouth has shown no interest in providing service there, and USCC has let it go. Apparently one of four things will happen: a) BellSouth wakes up and gets the license, and a tower up in Copperhill, b) RamCell, the carrier to the east of Copperhill, buys the license, c) someone else gets the territory, or d) area remains with no B service. The way it looks now, d) is what I expect to happen. Further, it turns out USCC has an agreement for its customers to roam on the "A" system (GTE Wireless/CellularOne) in Polk County AT HOME RATE. BellSouth customers, OTOH, are sent to Cellular Express (which charges $2/min.) In fact, BellSouth has pulled most if not ALL A-side roaming agreements for its B-side customers. (On a recent trip to Louisiana, I could NOT roam on ANY A-side systems, and couldn't even in one B system.) I have prodded BellSouth for MONTHS to get an agreement with GTE, but they said they "wouldn't get an agreement with the competitor [in Chattanooga.]" Never mind that GTE's customers *CAN* ROAM ON THE CHATTANOOGA BELLSOUTH SYSTEM! * Phone listing in Copper Basin: USCC said it was intended to help those in Copper Basin area obtain their service "if they live in the area and work in other areas", etc. Given BellSouth's stance on Polk County, it is apparently GOOD that USCC does so -- if only because USCC offers home rate there (which BellSouth doesn't.) * Coverage "overlap" in Spring City, TN: USCC *IS* licensed for the Spring City area. This means that Chattanooga is yet another BellSouth market (Atlanta and New Orleans are others) where BellSouth doesn't hold cellular licenses for a whole local calling area, and that the Rhea County B-side is split in half (BellSouth in Dayton and southern end, USCC in northern half.) * Other coverage overlaps (Coffee and Dekalb counties, etc.):=20 Apparently these were transient, or my phone was misbehaving. * *611 charges: USCC claims BellSouth has caused problems. Apparently this is the case, as for the aforementioned Louisiana trip, I was charged for two customers service calls (both in the Fort Payne, Alabama area.) * Charges for BY/NA: USCC bills other carriers for BY/NA calls IF the call exceeds 59 sec.; whether the other carrier bills the roamer is up to the other carrier. (Apparently under the new quasi-"statewide" local calling, BellSouth does NOT bill for BY/NA in USCC's areas.) USCC denied claims it was intentionally overbilling and gouging customers of BellSouth and other carriers. It turns out I may file complaints against BELLSOUTH, for CONTINUING to advertise its "statewide" local calling when it KNOWS there is NO service in or roaming agreement for Polk County (which IS in Tennessee), and for various other problems mentioned in the Digest before (billing local, intRALATA calls as intERLATA long distance calls, poor service in Jasper, etc.) ... The day after I received the response, I received several emails of a press release issued by BellSouth and US Cellular -- BellSouth is trading its Wisconsin cellular markets (including Green Bay, Janesville, Oshkosh, Racine, and Milwaukee) for interests in other systems in the South. BellSouth will get controlling interest in: * Shelbyville, TN B-side (should be combined w/ BellSo Nashville system) * Bowling Green, Owensboro, Paducah KY A-side * Corbin, Hazard KY A-side * Evansville, IN metro area A-side (will probably be combined with Indianapolis system) and will get partial interests in Nashville, TN; Huntsville, AL; Baton Rouge, LA; and southern Mississippi (Biloxi, etc.) All of these areas, except for Biloxi, are now controlled by BellSouth. ... Anyway, I'm glad to know that USCC isn't as much of an enemy as I used to think, and that I can put this mess behind me. (I'm also dropping my two phones with BellSouth -- they ALREADY know WHY I'd do so! Besides, I may soon be working for CellularOne anyway! Even so, I'm looking at getting a phone with USCC just for ROAMING!) The enemy is now BellSouth! Now I can concentrate on other things, like my web site ... Stanley Cline (Roamer1 on IRC) ** GO BRAVES! GO VOLS! dba Catoosa Computing Services, Chattanooga, TN mailto:roamer1@pobox.com ** http://www.pobox.com/~roamer1/ From: line changed so I get NO SPAM! See http://www.vix.com/spam/ ------------------------------ Date: Sat, 08 Feb 1997 17:18:54 -0600 From: clifto@webspun.com (Clifton Sharp, Jr.) Subject: Really Strange Problem We opened our latest telephone bill this morning to find a tremendous surprise; several international calls to Australia, Germany and Diego Garcia (?). There has to be some sort of equipment failure involved, and I doubt it's anything I have connected. Here are some call details as shown on the bill. MCI: No. Date Time Place Called Number Code Min Amount 1 1-03 816A AUSTRALIA 61211966 Y 1 1.15 2 1-03 816A GERMANY 496997266111 R 1 1.38 3 1-03 823A AUSTRALIA 61211966 Y 1 1.15 4 1-03 824A GERMANY 496997266111 R 1 1.38 Note that AT&T is our zero-plus IXC. So theoretically, we dialed 10222-01-61-211966, waited for the call to supervise, hung up, dialed 10222-01-49-699-726-6111, waited for the call to supervise, and hung up ... *all within 60 seconds*. AT&T: No. Date Time Place Called Number Code Min Amount 3 1-03 817A DIEGOGRCIA 246260003264 R 1@ 3.46 4 1-03 817A DIEGOGRCIA 246260003264 R 1@ 3.46 5 1-03 824A DIEGOGRCIA 246260003264 R 1@ 3.46 6 1-03 825A DIEGOGRCIA 246260003264 R 1@ 3.46 7 1-06 146P DIEGOGRCIA 246260003264 R 1@ 3.46 8 1-06 147P DIEGOGRCIA 246260003264 R 1@ 3.46 9 1-06 154P DIEGOGRCIA 246260003264 R 1@ 3.46 10 1-06 154P DIEGOGRCIA 246260003264 R 1@ 3.46 Again, note the first two and the last two. Also note call 5, which was in the same minute as MCI call 4. Ameritech deleted the MCI charges and said they'd contact repair service to check whatever needs checking; AT&T asked that I call back when I hear what the problem was (they're perfectly willing to delete the charges, but they'd like to know what account to charge them to; I don't mind). Anyone with any ideas what might have caused this? Cliff Sharp | If tin whistles are made of tin, what do they make WA9PDM | foghorns out of? --Lonnie Donnegan ------------------------------ From: John Cropper Subject: Re: Florida PSC Selects Three-Way NPA Split Date: Sat, 08 Feb 1997 08:47:15 -0500 Organization: MindSpring Reply-To: psyber@mindspring.com Linc Madison wrote: > In article , psyber@mindspring.com > wrote: >> The Florida PSC decided Tuesday in favor of a three-way split for NPA >> 904, to take place as early as late May. >> Essentially, the Pensacola, Panama City, and Tallahassee LATAs will >> retain area code 904. The Jacksonville LATA, encompassing the >> northeast corner of the state, will receive 850, and Daytona Beach >> will receive a third NPA, possibly either 780 or 550 (based on >> available domestic-relief codes, vs. assigned COCs in 904, 407, & >> 352). >> Permissive dialing could start as early as May 31, 1997 (based on >> documentation from the PSC meeting), and last as long as a year. >> The move was a surprise, considering most of the industry support was >> behind a two-way split, with Tallahassee/Panama City/Pensacola >> retaining 904, and Daytona/Jacksonville receiving 850. The move would >> allow 904 and 850 to last until 2004-6, and the new NPA to last six to >> ten years beyond that ... > How long is 352 supposed to last? The original plans called for a much > larger area to be moved out of 904 into the new area code, but the plan > was changed on the basis of the assertion that 904 didn't really need > all that much relief, so it would be okay to move only the Gainesville > LATA. Here they are talking about another split not even a year and a > half later. Originally (in 1995), the Gainesville and Daytona Beach LATAs were to split off 904 and become 850. When 407-850 was discovered to exist, AND was a 7D local call from the Gainesville LATA, the NPA was hastily changed to 352. Additionally, resort owners in Daytona Beach complained of losing their identity, so the idea of moving DBL out of 904 was shelved. The resulting 904/352 split only shaved 179 COCs off 904 (effectively extending its life a maximum of 24 months, as we have now been witness to). As well, 352 has only ADDED prefixes since its initial split in 4Q95, and might be expected to last until 3Q2012 at the current rate of growth (assuming a graduated 7% residential/ business growth boom expected by local planning commissions early in the 21st century). > Many people have expressed concern about the pace at which we are using > up area codes now. I'm not really concerned about things like the 19-way > split in the Caribbean, because at least that's a one-shot deal. However, > if we keep having splits where not even 200 prefixes are moved into the > new area code, we're going to be in serious trouble. You have to remember, Linc, the telcos administering the NANP are at the whim of each respective PSC/PUC. More knowledgable commissioners will advocate the proper methods to prevent frequent need for further relief (be it a multiple split, or an overlay). Less knowledgeable (or in some cases, really stupid) commissioners will go with the 'one-shot, quick fix', as happened in 206/360, 303/970, 602/520, 612/320, 404/770, 904/352, 703/540, 305/954, ... the list goes on. > According to John Cropper's figures on his web page, 352 currently has > only 184 prefixes in it. In Colorado, area codes 970 and 719 combined > have fewer prefixes than what's left of 303. Area code 320 in Minnesota > has only 183 prefixes, leaving 612 to split again almost immediately. > In Virginia, area code 757 has only 294 prefixes, while 804 will be left > with about 478, putting it right back in the queue for another split. Except that in the case of 804/757, you might just see them both split/overlay at the same time, since much of the growth in 804 was in the Chesapeake basin ... > Don't get me wrong -- I think a 3-way split is probably the best option > at this point. However, I think it would've been more prudent to have > made essentially a 3-way split, but with Daytona Beach joining Gainesville > in area code 352, so that what was 904 two years ago would be three, > instead of four area codes a year from now. How many people in Daytona > Beach are really pleased that they got to hold onto 904 for an extra 18 > months? Believe me, they were thrilled to hold on to their identity just as much as your *408ers* fought not to have their domain split ... John Cropper voice: 888.NPA.NFO2 LINCS 609.637.9434 PO Box 277 fax: 609.637.9430 Pennington, NJ 08534-0277 mailto:psyber@mindspring.com http://www.lincs.net/ Unsolicited commercial e-mail will be traced, and the sender's ISP notified. NO COMMERCIAL E-MAIL! ------------------------------ From: Davew@cris.com (Dave Harrison) Subject: Kevin Mitnick Update Date: 8 Feb 1997 08:45:15 GMT Organization: Concentric Internet Services Here's an article I came across in one of our online magazines ... I thought it may be of interest to Digest readers. Note that in a week, Kevin will have been in custody for *two* years and hasn't had a trial date set. The Feds also plan on dragging this out by prosecuting Kevin in multiple jurisdictions because he wouldn't sign a plea bargain. As a sidenote, a few weeks ago, Mitnick was throw in solitary for a weekend and his Walkman was confiscated -- the Feds actually thought he was going to modify it in to a walkie talkie. They also believe he can whistle commands over the phone to remote modems. ---------------------------------------------- Hacked, Cracked and Phreaked All these idiots," Kevin Mitnick told me when I was researching a book about his notorious network infiltrations. "They put their workstations on the Internet and then they run their [encryption] software on their Unix box, and I just backdoor it [for] their pass phrase." With all their bravado, hackers can make you skeptical about the latest advances in computer security. Sure, encryption, firewalls, intrusion detection programs and digital IDs are all helpful tools, but I'm not one of those expecting a miracle cure. As another former cracker recently told me, "Using encryption doesn't make people smart." Two guys named Kevin with eight years of jail between them -- and counting -- have taught me how the other side thinks. I started getting late-night calls on a pay phone from Kevin Mitnick more than two years ago, when he was on the run from the FBI and a little-known security whiz named Tsutomu Shimomura. Kevin Poulsen may be less notorious, but he's no less intriguing. Charged with everything from espionage to hacking radio giveaways -- he won two Porsches -- Poulsen recently finished a five-year stint in federal jail. Last fall, Mitnick's crimes were hinted at in a federal indictment. Since then I've tracked down some of his purported corporate victims and uncovered a clearer picture. The hacker's real targets were industry giants such as Motorola and NEC. Was their computer security bad? Not really. Did Mitnick teach these multinational corporations some very important lessons? Yes. The major alleged offenses against Mitnick are the misappropriation of the proprietary software of a Who's Who of the high-tech world -- Motorola, Nokia, Fujitsu, Novell and NEC. Eighty million bucks is what these companies lost, the government privately says. Some of the companies say the government is exaggerating, arguing that Mitnick seemed to be in it largely for the thrill. But the danger is clear. A hacker with his skills, hired by competitors or foreign governments, could have easily used his intrusions to steal millions of dollars' worth of secrets. How did Mitnick do it? A source at Motorola alleges Mitnick installed what now seems a dated technique -- a packet sniffer to suck up passwords. He did a little "social engineering," allegedly phoning the company and impersonating executives to trick Motorola out of the information he needed to complete his theft. "He did move a block of code," confirms a Motorola official. "He stole source code." Now, the company has new policies for information given out over the phone. Fortunately for Motorola, the company found "no pattern of abuse or fraud." Mitnick, in other words, didn't damage their computers, and as far as they could discern, had no plan to sell their code. In Motorola's defense, sniffers were still new at the time, and Mitnick was a gifted social engineer. The subsequent victims had fewer excuses. Months later, another major cellular phone maker was hit. "By then everybody knew about packet sniffers," says one of the victims. Everybody, it seemed, except for the victimized corporation. Again, they were lucky. Although Mitnick swiped the source code that operates their cellular phone and other wireless products, he didn't seem interested in money or wreaking havoc. Technically, there was no excuse for the success of Mitnick's attacks, because products to combat them were already widely available. But there's frequently a time gap between the latest hacking methods and how quickly companies respond with fixes. Countless Internet mailing lists and World Wide Web sites are posted weekly, highlighting new operating system bugs that could provide access. Staying secure is a fast-moving target. Hackers study and share the vulnerabilities more thoroughly than most security professionals. If you don't patch it in days, you may be the next victim. It's tempting to think that prepacked encryption and other technical innovations will eliminate these risks. But then I remember Mitnick telling me how frequently companies make mistakes in deploying such tools, things as simple as forgetting to delete decrypted messages. And there's another, more subtle problem. Often, the more technology corporations buy, the more they develop an aura of invincibility, an aura the Kevin Mitnicks of the world love to pierce. Pressure to join the Internet and the Web creates another dilemma. The Web may be the future, but its general absence of security is spinning us back into a hacker's Wild West. In the last few months, Web sites for the Air Force, the Department of Justice and the CIA have been hacked and plastered with graffiti. Topless pics of "Friends" TV stars aren't the images the Justice Department wants to portray to the public. Imagine the worst that might show up on your company's window to the public. It's tempting to think technology and the government's tough line on hacking will rid our networks of crime. But consider what the CIA recently told Congress: Hacker terrorists, warned the CIA's director, could execute a strike against our telecommunication and information infrastructure with the destructive force of a nuclear attack. Remember Kevin Poulsen? He wrote a program that ran on Pacific Bell's computers and tipped him off to nearly every FBI wiretap in the state of California. He found mob taps, DEA taps and national security taps. And he could wiretap whomever he wished. Just a kid with no high school diploma, without a political agenda. Imagine what the really scary criminals are doing. Jonathan Littman is a free-lance writer in Mill Valley, Calif., who writes and speaks about computer security. He is the author of "The Fugitive Game" and the upcoming "The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen." ------------------------------ End of TELECOM Digest V17 #36 *****************************